Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redirect loop in creating a user session, right after a SAML login #5

Open
sandorspruit opened this issue Jan 9, 2018 · 11 comments
Open

Redirect loop in creating a user session, right after a SAML login #5

sandorspruit opened this issue Jan 9, 2018 · 11 comments

Comments

@sandorspruit
Copy link

I am experimenting with LimeSurvey SAML authentication, based on the plugin. Everything seems to be working just fine, users gets created in the database etc. but Yii loses the identity of the user right after the login. In particular: Yii::app()->user->getId() returns nothing after the final redirect to AdminController.

This causes LimeSurvey to redirect back and forth, indefinitely, between the AdminController (application/controllers/AdminController) and the authentication action (application/controllers/admin/authentication), until my browser gives up.
@Shnoulle
Copy link

Shnoulle commented Jan 9, 2018

Remind to put your LimeSurvey version :) 3.0 maybe ?

@sandorspruit
Copy link
Author

Thanks for the heads-up :) I am on Lime 2.72.5+171121

@Shnoulle
Copy link

Shnoulle commented Jan 9, 2018

Did you try with deactivating CRSF ? #4 (comment)

@sandorspruit
Copy link
Author

Yes, that was one of the first things we tried. I noticed some small changes in the authentication code, after a recent comfort update, so I'll re-investigate soon to see where that leaves me.

@Shnoulle
Copy link

This is strange, because webserver plugin are not updated since a lot of time :/

Else : maybe move this part to init :

limesurvey-saml/AuthSAML/AuthSAML.php

Line 98 in 462eb5b

public function __construct(PluginManager $manager, $id) {

@sandorspruit
Copy link
Author

I have already tried that. Now looking into the issue noted here:
https://simplesamlphp.org/docs/stable/simplesamlphp-sp#section_6 (last couple of lines in section 6)

@Frankniesten
Copy link

Maybe your session is lost. Try a different session storage method in simplesamlphp.

@maettle
Copy link

maettle commented Sep 4, 2018

I've got the same problem. After klicking the SAML button I get redirected to ADFS, and after the successful login it sends me into a never ending loop (and i don't know where), FF says Redirect Error.
@sandorspruit did you solve this problem?

@sandorspruit
Copy link
Author

Nope. At some point it was working 95% but the session issue kept coming up. Tried changing the simplesaml session storage method but it just wouldn't go away.

@foobarable
Copy link

foobarable commented Nov 29, 2018
edited
Loading

Any hints here? I'm lso stuck with this issue. My gut feeling is that SSP kills the session from limesurvey so maybe the plugin needs to call $session->cleanup() (from SSP) at some point. But I still have no clue yet at what point this has to be done

@foobarable
Copy link

Yes, looks good.

I added:

$session = SimpleSAML_Session::getSessionFromRequest();
$session->cleanup();

to the newUserSession function right after getting all the attributes from SSP and it seems to work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@foobarable @Shnoulle @Frankniesten @sandorspruit @maettle